Re: [PATCH net-next] ipv6: addrconf: fix mcast route for GRE devices

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Dan Williams <dcbw@redhat.com>
To: Hannes Frederic Sowa <hannes@stressinduktion.org>
Cc: David Lamparter <equinox@diac24.net>,
	netdev@vger.kernel.org,
	Stephen Hemminger <stephen@networkplumber.org>
Subject: Re: [PATCH net-next] ipv6: addrconf: fix mcast route for GRE devices
Date: Wed, 30 Jul 2014 13:20:00 -0500	[thread overview]
Message-ID: <1406744400.1908.20.camel@dcbw.local> (raw)
In-Reply-To: <1406743380.1228508.147383982.0ACFF791@webmail.messagingengine.com>

On Wed, 2014-07-30 at 20:03 +0200, Hannes Frederic Sowa wrote:
> On Wed, Jul 30, 2014, at 19:35, David Lamparter wrote:
> > On Wed, Jul 30, 2014 at 06:52:21PM +0200, Hannes Frederic Sowa wrote:
> > > On Mi, 2014-07-30 at 18:31 +0200, David Lamparter wrote:
> > > > On Wed, Jul 30, 2014 at 06:09:27PM +0200, Hannes Frederic Sowa wrote:
> > > > [cut]
> > > > > > On Wed, Jul 30, 2014 at 05:14:42PM +0200, Hannes Frederic Sowa wrote:
> > > > > > > On Mi, 2014-07-30 at 02:55 +0200, David Lamparter wrote:
> > > > > > > > GRE devices, for some reason, were coming up with an autoconfigured
> > > > > > > > address, but no ff00::/8 route in the local table.  This breaks any kind
> > > > > > > > of multicast, in particular OSPFv3, mDNS, - and ND.  In fact, IPv6 only
> > > > > > > > works at all because there is little need for ND on PtP devices.
> > > > > > > > 
> > > > > > > > Adding any other IPv6 address on the device would rectify this issue
> > > > > > > > through inet6_addr_add()/addrconf_add_dev() - and would leave the route
> > > > > > > > around even if the address was later removed.  (This is probably why
> > > > > > > > this issue was not discovered earlier.  AFAICS it has been there from
> > > > > > > > the beginning, e.g. aee80b5 "generate link local address for GRE
> > > > > > > > tunnel")
> > > > > > > 
> > > > > > > Yep, this is poor, but changing this will break user space...
> > > > > > 
> > > > > > How exactly will this break user space?
> > > > > 
> > > > > Because the multicast routes will always be restored after e.g. a route
> > > > > flush or manual route deletion. Scripts might depend on this.
> > > > 
> > > > Sorry, I still don't get it.  Without this patch you end up in an
> > > > inconsistent state, where a LL addr exists, but multicast doesn't work
> > > > (since ff00::/8 is missing from RT6_TABLE_LOCAL).
> > > 
> > > Sure, people can remove addresses and routes at will.
> > 
> > That's not the point.
> > 
> > user manually adds address on any if: ff00::/8 added.
> > kernel link-up autoconf addr on !gre: ff00::/8 added.
> > kernel link-up autoconf addr on gre:  no ff00::/8.
> 
> Ah sorry, I am ok with your patch that we generate a ff00::/8 multicast
> route if we set a gre interface up. Getting rid of the logic, that we
> try to add the ff00::/8 on every addition of an address to an interface
> would be a change which concerns because of backward compatibility
> reasons.

With IPv6LL address generation modes (IFLA_INET6_ADDR_GEN_MODE) the
kernel might not be handling the LL address, so I'd like to keep
addrconf_add_dev() in the inet6_addr_add() codepath.  Having the
multicast route is useful/correct no matter who adds the LL address to
the interface.

I think you alluded to this earlier, but I just wanted to bring it up.

Dan

> Especially this also creates multicast routes on sit-non-ptp/isatap
> routes, which actually don't need one.
> 
> > This is about automatic kernel behaviour in device up/change
> > notifications.  The user can always shoot himself in the foot.  This is
> > the kernel shooting the user in the foot in one particular and quite
> > specific instance and without a request to do so.
> 
> Agreed.
> 
> > > > Userspace is not supposed to touch RT6_TABLE_LOCAL in general, and, the
> > > > kernel will actually refuse installing the ff00::/8 route into the local
> > > > table from userspace (because there will be other ff00::/8 routes from
> > > > other interfaces, so you get "File exists").  You can delete the route
> > > > (and thus break mcast), but not add it.  The only way to add it is to
> > > > add an address.
> > > 
> > > People really do flush the routing table.
> > 
> > This is RT6_TABLE_LOCAL.  Most people aren't even aware it exists.  And
> > even though I can't find a reference for it, my memory tells me that
> > "table local" is supposed to be under the kernel's authority.
> 
> Yep, but still provide ip -6 route flush table all, which also clears
> the local table. And I guess people depend on ff00:: multicast routes
> being inserted as soon as they add addresses.
> 
> Bye,
> Hannes
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

next prev parent reply	other threads:[~2014-07-30 18:20 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-07-30  0:55 [PATCH net-next] ipv6: addrconf: fix mcast route for GRE devices David Lamparter
2014-07-30 15:14 ` Hannes Frederic Sowa
2014-07-30 15:35   ` David Lamparter
2014-07-30 15:39     ` [PATCH v2] " David Lamparter
2014-07-31 19:06       ` David Miller
2014-07-31 19:37         ` Hannes Frederic Sowa
2014-07-31 20:19           ` David Lamparter
2014-07-31 20:53             ` [PATCH v3] " David Lamparter
2014-07-31 20:53               ` [PATCH 1/2] " David Lamparter
2014-07-31 22:05                 ` Hannes Frederic Sowa
2014-07-31 20:53               ` [PATCH 2/2] ipv6: addrconf: clean up device type handling David Lamparter
2014-07-31 22:13                 ` Hannes Frederic Sowa
2014-08-01  5:31                   ` David Miller
2014-07-30 15:58     ` [RFC alternate] " David Lamparter
2014-07-30 16:12       ` Hannes Frederic Sowa
2014-07-30 16:23         ` David Lamparter
2014-07-30 16:44           ` Hannes Frederic Sowa
2014-07-31  9:27       ` Hannes Frederic Sowa
2014-07-30 16:09     ` [PATCH net-next] ipv6: addrconf: fix mcast route for GRE devices Hannes Frederic Sowa
2014-07-30 16:31       ` David Lamparter
2014-07-30 16:52         ` Hannes Frederic Sowa
2014-07-30 17:35           ` David Lamparter
2014-07-30 18:03             ` Hannes Frederic Sowa
2014-07-30 18:20               ` Dan Williams [this message]
2014-07-31 19:06             ` David Miller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1406744400.1908.20.camel@dcbw.local \
    --to=dcbw@redhat.com \
    --cc=equinox@diac24.net \
    --cc=hannes@stressinduktion.org \
    --cc=netdev@vger.kernel.org \
    --cc=stephen@networkplumber.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.